New Malware Steals Your Bitcoin

Share

New Malware Steals Your Bitcoin

In a sure sign that the virtual currency Bitcoin has hit the mainstream, a new Trojan horse program discovered in the wild Thursday seeks out and steals victims' Bitcoin wallets, the same way other malware goes for their banking passwords or credit card numbers.

The malware, Infostealer.Coinbit, is fairly simple: It targets Windows machines and zeros in on the standard file location for a Bitcoin wallet. It then e-mails the wallet – a data file containing private crypto keys – to the attacker by way of a server in Poland, according to Symantec, which was first to alert on the attack.

"If you use Bitcoins, you have the option to encrypt your wallet and we recommend that you choose a strong password for this in the event that an attacker is attempting to brute-force your wallet open," Symantec's Stephen Doherty wrote in a blog post Thursday.

Bitcoin is an anonymous, decentralized virtual currency that's been percolating for the last two years, and got widespread attention with Gawker's excellent June 1 story on Silk Road, the online drug market where Bitcoin is the standard currency.

Independent of any national currency, Bitcoin is exchanged peer-to-peer, or earned by users who contribute CPU cycles to mathematically generating new Bitcoin, a process called "mining."

Hacker types have been sniffing around Bitcoin since at least April, when a program called Stealthcoin debuted that's tailor-made for turning a botnet of compromised computers into a covert parallel Bitcoin mining machine. The first theft of Bitcoins was reported this week by a user who claimed a hacker transferred 25,000 BTC from his machine, theoretically worth about $500,000 at current exchange rates.

With its single-minded focus, Infostealer.Coinbit has the feel of an interim solution. In the future, Bitcoin theft will probably be a standard feature in full-featured Trojans.